Microsoft Exchange 2019 Authentication does not seem to work

Traefik Traefik v2
1

I am attempting to use Traefik to proxy Microsoft Exchange 2019 in a lab environment. It all seems to be working until I try the Microsoft Remote Connectivity Analyzer where it states it gets a 401 error from the initial stage. I have tried this without the proxy and it goes through all okay.

The auth that it performs seems to be NTLM over HTTP (I have HTTP1.1 enabled) and the form is a basic auth form with the username in the form of <Username> and then a password field too.

Please find below my dynamic config file. Any help is greatly appreciated

http:
  routers:
    exchange-ms:
      entrypoints:
        - "https"
      rule: "Host(`mail.domain.com`)"
      tls: {}
      service: exchange-ms

    autodiscover-ms:
      entrypoints:
        - "https"
      rule: "Host(`autodiscover.domain.com`)"
      tls: {}
      service: autodiscover-ms
  services:
    exchange-ms:
      loadBalancer:
         serversTransport: mytransport
         servers:
          - url: "https://<Mail-IP>"
         passHostHeader: true
    autodiscover-ms:
      loadBalancer:
         serversTransport: mytransport
         servers:
          - url: "https://<Mail-IP>"

  serversTransports:
    mytransport:
      insecureSkipVerify: true
      disableHTTP2: true
2

Not sure why it doesn’t work, but you seem to use the same target, so you would only need a single router/service:

rule: Host(`mail.domain.com`) || Host(`autodiscover.domain.com`)

Note: By default, passHostHeader is true, which is probably required, if Exchange has been setup with those domains.

3

You are creating http router/service, but it’s of course not only http protocol used by Exchange (related issue).